As computing technology has advanced, computers have become increasingly commonplace in people's lives. When using their computers, people sometimes desire to communicate information of a confidential or otherwise private nature to one or more other devices. When performing such communication, however, users typically desire verification that the one or more other devices with which they are communicating are indeed operated by an entity that is trusted by the user. For example, if a user is communicating his or her credit card number to another device in order to purchase a product, the user typically desires verification that the other device is indeed operated by an entity that he or she trusts (e.g., the company from which the product is being purchased, a credit card processing company, and so forth).
One way in which such verification can be performed is through use of a digital certificate that can associate a cryptographic key with a particular entity. Malicious users, however, can perform various different attacks to attempt to get a user to accept a fraudulent certificate, resulting in the user communicating with a device operated by the malicious user and providing confidential or otherwise private information to the malicious user. Problems exist with current computers in that it is difficult for users to distinguish between fraudulent certificates from malicious users and legitimate certificates from trusted entities.